Certified Mail: July 2002

I recently read Kevin Kocis’ “BIND
Your Windows 2000 DNS” article in the May issue. He claims that, by
default, the BIND secondaries check box on the Win2K DNS Server is cleared
to enable fast zone transfers. I’ve been installing, configuring, supporting
and teaching Win2K for more than two years; it’s always been my experience
that this check box is actually selected (enabled) by default. If you
use the Help file as your source on this matter, I believe Kevin will
be in error, as it’s misleading.

I’ve discussed this issue with several other MCSEs and MCTs. Our conclusion
is that Microsoft made a mistake in the Help file, and that it’s going
for the highest degree of interoperability (read backward compatibility)
during a default installation, so the box is checked by default to allow
for “old-style” zone transfers with BIND versions prior to 4.9.4. I believe
that after a default installation, there’s a check in the applicable box.—Mike Foster, MCSE, MCT, CCNA, A+, Network+, i-Net+
Mesa, Arizona

I concur, as I’ve encountered the same situation during installation.
I’ve also witnessed it unchecked, although I can’t determine any criteria
for the event. When I referenced this with Microsoft and other third-party
training facilities, they claimed that the check box should be cleared
by default (Microsoft’s influence with training facilities is unbiased,
right?) In any case, I opted for the Microsoft claim in the article.
You may be quite correct in your assessment about a mistake in the Help
file. The important thing is that the administrator verify that it’s
referenced and appropriately considered depending on the environment.
— Kevin Kocis

Replication Tip ErrorA feature in the April 2002 online issue, “88
High Voltage Tips,” contained a tip titled “Prevent Files from Backing
up in the FRS Staging Areas.” In this tip, Gary Olsen indicated that a
bug in Win2K caused files scanned by anti-virus and disk defragmenting
programs to be replicated, even though the contents of these files hadn’t
changed. Microsoft has been aware of this behavior for some time (See
"Antivirus Problems May Modify Security Descriptors Causing Excessive
Replication of FRS Data in Sysvol and DFS," Q284947,
published Jan. 9, 2001), but it isn’t the result of a bug.

The anti-virus and disk defragmenting programs in question all perform
writes of some kind against scanned files, usually by backing up and then
rewriting the NTFS security descriptor to the file. The File Replication
Service, which monitors changes to files in replicated directories, becomes
aware of these writes and, prior to Service Pack 3, queues the file for
replication.

Microsoft has taken a two-pronged approach to correcting this situation.
First, Microsoft is actively working with ISVs so that future versions
of these products don’t trigger this behavior. Second, an update in SP3
contains code that will scan newly written files to see if the data contained
in the file has actually changed. If not, the change order is suppressed
and a warning event is written to the File Replication Service Event Log
(Event ID 13567). A large number of these events should warn the administrator
that an application is making these writes. The administrator can then
choose to upgrade the product or exempt the directories replicated by
FRS from scanning. The SP3 update is available as a hot fix as documented
in Q307319 from Microsoft PSS at no charge to the customer.—Jonathan Stephens

Is There an MCSD Market?
I have been an MCSD for about seven years. Unfortunately, I honestly don’t
think the corporate world cares. Check out Dice.com,
and do a nationwide keyword search for MCSD. Out of 31,000 jobs listed,
MCSD returns back a grand total of 32 jobs. As a matter of comparison,
searching for the word Fortran yielded 120 jobs!

On Careerbuilder.com, searching
for MCSD nationwide yields 35 jobs out of the tens of thousands listed.
Also, this year it seems Microsoft took away the TechEd discount for MCSDs.
Being an MCSD used to get me $200 off a TechEd registration.

So, I guess I need a reminder: What are the tangible benefits again?
Is there a measurable market for MCSDs?—Steve Szyszkiewicz, MCSD
Delran, New Jersey

A Happy EndingI just wanted to let you know that after five months looking for
a new job, I’ve found one. I’ve never worked as hard in my life as I did
looking for a new job, and the rewards are great. Although I don’t recommend
unemployment to anyone, this has been a tremendous learning experience
(both as a manager and an employee).

I’ve accepted a position with Financial Technologies International (www.ftisoft.com)
serving in a management capacity. FTI is a software company that specializes
in the financial services industry.—Dwight Jessup, MCSE+I
Burlington, New Jersey

(Note: Dwight Jessup is one of two MCPs profiled by Editorial Director
Dian Schaffhauser in her March Editor’s Desk column, “A
Tale of Two Guys.”)

Issues with AuntieAuntie, hold on just a second, please, and put your fork down.
I think you’re giving Microsoft, and Bill Gates in particular, way too
much credit in your April column, “Pass
the Crow, Please.” Mr.Gates’ security initiative may be just what
Microsoft and the software buying public need, but I think you’ve overlooked
a couple of things.

To start with, Microsoft has been the target of some serious security
breaches over the past couple of years. Look at all the worms, Trojan
Horses and so on that have been aimed at exploiting holes in Outlook,
IE and others. These attacks were not written to work with Netscape, Groupwise
or Lotus Notes—were they? No, they were aimed directly at Microsoft software.
Furthermore, IE and IIS are both full of some major holes that have slowly
been getting plugged, but only after the problems were discovered and
announced publicly. Even then, Microsoft wasn’t the one to announce the
security problems; they were always being found by a third party, and
then Microsoft stepped in and did something about them. So, yes, it’s
about time the folks at Redmond did something about this. Security concerns
are now paramount there because of the amount of anger directed at the
company for all the problems. I also find it interesting that this announcement
came at a time when everyone’s worried about security. Bill Gates isn’t
starting anything new or being revolutionary; he’s simply jumping on the
security bandwagon that’s been rolling since last September. He isn’t
leading; he’s following.

This is nothing new, of course.

And the kudos you give him for Windows and the Internet—let’s look at
those for a moment, shall we? Yes, Gates had things well in hand with
DOS. But let’s remember the time period. While Apple wasn’t the innovative
powerhouse it had been a few years back, it was still a force to be reckoned
with and, while DOS could only handle one thing at a time, the Macintosh
could multitask. Also, the interface was so much easier to use and everybody
knew it. So what does Bill Gates do? Does he come up with something radical
and different? No, he does exactly what Steve Jobs did: He borrowed and
stole other people’s ideas to make his OS. Windows was nothing new. It
was just a variation on the Mac, which became more obvious by the time
Windows 95 was released. Recycle Bin? Come on! A trashcan by any other
name is still a Macintosh OS rip-off.

As for the decision about the Internet, you’ve left out one important
fact. Early in 1995, the BBS was still king. Compuserve, Prodigy, AOL—these
were the powerhouses. Most of computer-buying America knew little, if
anything, about the Internet. Bill Gates even stated flatly at a press
conference that the Internet was a passing fad and unimportant. He said
this at the announcement for its new BBS, Microsoft Network (MSN). Microsoft
was going head-to-head with Compuserve and the other BBSs, and it was
a disaster. When MSN was released, nobody signed up. After a couple of
months, it had a few thousand subscribers at best. Meanwhile, the other
guys were pulling in new subscribers left and right.

Then, you may recall, President Clinton and Vice President Gore began
talking about building the “Information Superhighway.” And the whole country
went, “What? The Internet? Tell me more.” Suddenly, everyone wanted on
the Internet; shortly after that, the WorldWide Web was born. All the
BBSs suddenly included Internet connections in their new software versions
and subscriptions soared. Finally, as Windows 95 was nearing release,
Bill Gates announced that the Internet was the place to be and the new
OS would include a connection to MSN. Later, of course, with OSR2, he
incorporated IE into the package as well, making Internet access even
easier. But please note that, once again, Gates only did what everyone
was already doing.

The point of this long-winded tirade, Auntie, is that Bill Gates and
Microsoft are nothing new under the sun. Yes, he’s focusing on security,
finally. But only to save his own skin, because everybody else’s software
already has better security than his and he has known it all along. It’s
just that people have caught on and are getting frustrated by it, and
Microsoft has to do something about it to stay in the game. It might be
a new corporate leaf, but it’s only because it’s such a big and easy target
and, as a result, is becoming a laughing stock.

OK, sorry this took so long. The food’s getting cold, I’m sure—but I
guess crow tastes the same hot or cold, right? If you want to eat, go
ahead. But I think I’ll pass and see what they might be serving later.
—Lawrence Woodhouse, MCP
Penfield, New York

The nice thing about history is that we all get to pull out the
parts that support our own views and interpret them to suit. We could
debate for a long while whether Microsoft is, on the whole, a leader
or a follower. Still, the important point here is this: If Microsoft
is finally getting serious about security, we all benefit. I don’t care
much whether that’s due to vision or butt-covering; all I want is secure
servers.

I’ll tuck a piece of that pie in the freezer. Check back with me
in a few years and we can decide how to split it between us.
—Auntie

WMI Need Help
I’ve been reading Chris Brooke’s articles in the magazine for quite a
while and I’d like to say, nice job! His column is the first article I
read every month.

I’ve been using scripting for quite a while to do many common tasks along
with complex user migration for customers. Now I’m trying to get into
the .Net stuff (I say, “stuff,” because I’m still not sure what it means
yet). I’d like to create an ASP .NET page with code designating that when
a button is clicked, it will use WMI to pull some information from the
user’s computer.

I know that security is usually the first thing that comes to mind, so
to let you know, I’m looking at using this in a LAN environment, not Internet.
Ideally I would have a “Collect” button that a user would click on; via
WMI (I think) the computer serial number would be collected and posted
into a form on the Web page.

Tim, you’re in luck—sort of. The WMI SDK (available from the MSDN
site) provides a Web-based interface to WMI, called the WMI Object Browser.
This series of HTML pages (not ASP .NET) contains all the client-side
scripts to access WMI. From these scripts, you should be able to build
your own Web pages to do the same on ASP (with the script code still
executing on the client).

ASP .NET is very different. You don’t use scripts—you use “full-blown”
.NET programming languages. However, WMI does have an exposed object
model for use in applications (including ASP .NET applications) that
can be viewed in the Visual Studio .NET Object Browser.

Anyway, my point is that you have a good bit of work ahead of you,
but the .HTM pages that come with the WMI SDK should get you started
down the right path.
—Chris Brooke

What’s in a Test?I’ve been developing Windows applications using Visual Basic for
the last six or seven years. I was reading Steve
Crandall and Greg
Neilson’s column, “Professionally Speaking,” in the June issue, regarding
companies that require job candidates to take a personality test before
being hired. I worked recently for a company that required me to take
a personality test.

I had already been through a few interviews with the company and had
been narrowed down to the top prospect. Before making an offer, they asked
me to come back and take a “personality” test “in order to ever be considered
for a management position.” They also said they wanted to figure out what
kind of person they were hiring. The director told me not to answer my
questions based on what [I thought] the company wanted to hear because
they would be able to tell and it would make me look indecisive.

This particular test took almost two hours. I had to rate a series of
comments as “Strongly Agree,” “Somewhat Agree,” “Disagree,” etc. It was
several pages long and would repeat the same types of comments, but would
reword them so that a “Strongly Agree” decision on one could be a “Disagree”
on another just because of the rephrasing.

By the time I was finished, I was so frustrated and upset, I didn’t care
whether they offered me the job or not. They did, in fact, offer me the
job, and I accepted only because I thought it was a job I wanted. However,
I never could get the fact that I took that test out of my head. Honestly,
I felt a little manipulated. And I was mad at myself for not refusing
to take it. If I had been patient, I could have found another place to
work.

I swore then and there to myself that I would never, ever let a company
talk me into taking any type of personality test to be considered for
a position. I think I should be judged by my performance and by my superiors’
and peers’ observance of my character, intelligence and personality while
performing my everyday duties, not by results from a written test.